VULHUB ™

BUGTRAQ ID: 29945 CVE ID：CVE-2008-2365 CNCVE ID：CNCVE-20082365 Linux是一款开放源代码的操作系统。 Linux utrace/ptrace挂接和卸载存在竞争条件问题，本地攻击者可以利用漏洞对系统进行拒绝服务攻击。 ptrace_may_attach()包含如下代码： static int ptrace_attach(struct task_struct *task) { ... engine = utrace_attach(task, (UTRACE_ATTACH_CREATE | UTRACE_ATTACH_EXCLUSIVE | UTRACE_ATTACH_MATCH_OPS), &ptrace_utrace_ops, 0); [error checking] if (ptrace_may_attach(task)) { [more attaching process] 在进行挂接检查时存在问题，因为utrace_attach()会不作检查的建立和修改"struct utrace *"，导致在用户没有权限的情况下进行建立和挂接操作，触发竞争条件，可能导致内核崩溃。 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux AS 4 RedHat Desktop 4.0 Linux kernel 2.6.25 .5 Linux kernel 2.6.25 Linux kernel 2.6.24 .2 Linux kernel 2.6.24 .1 Linux kernel 2.6.24 -rc5 Linux kernel 2.6.24 -rc4 Linux kernel 2.6.24 -rc3 Linux kernel 2.6.23 .7 Linux kernel 2.6.23 .6 Linux kernel 2.6.23 .5 Linux kernel 2.6.23 .4 Linux kernel 2.6.23 .3 Linux kernel 2.6.23 .2 Linux kernel 2.6.23 -rc2 Linux kernel 2.6.23 -rc1...

BUGTRAQ ID: 29945 CVE ID：CVE-2008-2365 CNCVE ID：CNCVE-20082365 Linux是一款开放源代码的操作系统。 Linux utrace/ptrace挂接和卸载存在竞争条件问题，本地攻击者可以利用漏洞对系统进行拒绝服务攻击。 ptrace_may_attach()包含如下代码： static int ptrace_attach(struct task_struct *task) { ... engine = utrace_attach(task, (UTRACE_ATTACH_CREATE | UTRACE_ATTACH_EXCLUSIVE | UTRACE_ATTACH_MATCH_OPS), &amp;ptrace_utrace_ops, 0); [error checking] if (ptrace_may_attach(task)) { [more attaching process] 在进行挂接检查时存在问题，因为utrace_attach()会不作检查的建立和修改&quot;struct utrace *&quot;，导致在用户没有权限的情况下进行建立和挂接操作，触发竞争条件，可能导致内核崩溃。 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux AS 4 RedHat Desktop 4.0 Linux kernel 2.6.25 .5 Linux kernel 2.6.25 Linux kernel 2.6.24 .2 Linux kernel 2.6.24 .1 Linux kernel 2.6.24 -rc5 Linux kernel 2.6.24 -rc4 Linux kernel 2.6.24 -rc3 Linux kernel 2.6.23 .7 Linux kernel 2.6.23 .6 Linux kernel 2.6.23 .5 Linux kernel 2.6.23 .4 Linux kernel 2.6.23 .3 Linux kernel 2.6.23 .2 Linux kernel 2.6.23 -rc2 Linux kernel 2.6.23 -rc1 Linux kernel 2.6.23 Linux kernel 2.6.22 7 Linux kernel 2.6.22 1 Linux kernel 2.6.22 .8 Linux kernel 2.6.22 .6 Linux kernel 2.6.22 .5 Linux kernel 2.6.22 .4 Linux kernel 2.6.22 .3 Linux kernel 2.6.22 .17 Linux kernel 2.6.22 .16 Linux kernel 2.6.22 .15 Linux kernel 2.6.22 .14 Linux kernel 2.6.22 .13 Linux kernel 2.6.22 .12 Linux kernel 2.6.22 .11 Linux kernel 2.6.22 Linux kernel 2.6.22 Linux kernel 2.6.21 4 Linux kernel 2.6.21 .7 Linux kernel 2.6.21 .6 Linux kernel 2.6.21 .2 Linux kernel 2.6.21 .1 Linux kernel 2.6.21 Linux kernel 2.6.21 Linux kernel 2.6.21 Linux kernel 2.6.20 .9 Linux kernel 2.6.20 .8 Linux kernel 2.6.20 .5 Linux kernel 2.6.20 .4 Linux kernel 2.6.20 .15 Linux kernel 2.6.20 Linux kernel 2.6.20 Linux kernel 2.6.19 1 Linux kernel 2.6.19 .2 Linux kernel 2.6.19 .1 Linux kernel 2.6.19 -rc4 Linux kernel 2.6.19 -rc3 Linux kernel 2.6.19 -rc2 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.19 -rc1 Linux kernel 2.6.19 Linux kernel 2.6.18 .4 Linux kernel 2.6.18 .3 Linux kernel 2.6.18 .1 Linux kernel 2.6.18 Linux kernel 2.6.17 .8 Linux kernel 2.6.17 .7 Linux kernel 2.6.17 .6 Linux kernel 2.6.17 .5 Linux kernel 2.6.17 .3 Linux kernel 2.6.17 .2 Linux kernel 2.6.17 .14 Linux kernel 2.6.17 .13 Linux kernel 2.6.17 .12 Linux kernel 2.6.17 .11 Linux kernel 2.6.17 .10 Linux kernel 2.6.17 .1 Linux kernel 2.6.17 -rc5 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.16 27 Linux kernel 2.6.16 13 Linux kernel 2.6.16 .9 Linux kernel 2.6.16 .7 Linux kernel 2.6.16 .23 Linux kernel 2.6.16 .19 Linux kernel 2.6.16 .12 Linux kernel 2.6.16 .11 Linux kernel 2.6.16 .1 Linux kernel 2.6.16 -rc1 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.15 .4 Linux kernel 2.6.15 .3 Linux kernel 2.6.15 .2 Linux kernel 2.6.15 .1 Linux kernel 2.6.15 -rc3 Linux kernel 2.6.15 -rc2 Linux kernel 2.6.15 -rc1 Linux kernel 2.6.15 Linux kernel 2.6.15 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.15 Linux kernel 2.6.15 Linux kernel 2.6.15 Linux kernel 2.6.15 Linux kernel 2.6.14 .5 Linux kernel 2.6.14 .4 Linux kernel 2.6.14 .3 Linux kernel 2.6.14 .2 Linux kernel 2.6.14 .1 Linux kernel 2.6.14 -rc4 Linux kernel 2.6.14 -rc3 Linux kernel 2.6.14 -rc2 Linux kernel 2.6.14 -rc1 Linux kernel 2.6.14 Linux kernel 2.6.14 Linux kernel 2.6.13 .4 Linux kernel 2.6.13 .3 Linux kernel 2.6.13 .2 Linux kernel 2.6.13 .1 Linux kernel 2.6.13 -rc7 Linux kernel 2.6.13 -rc6 Linux kernel 2.6.13 -rc4 Linux kernel 2.6.13 -rc1 Linux kernel 2.6.13 Linux kernel 2.6.13 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.12 .6 Linux kernel 2.6.12 .5 Linux kernel 2.6.12 .4 Linux kernel 2.6.12 .3 Linux kernel 2.6.12 .22 Linux kernel 2.6.12 .2 Linux kernel 2.6.12 .12 Linux kernel 2.6.12 .1 Linux kernel 2.6.12 -rc5 Linux kernel 2.6.12 -rc4 Linux kernel 2.6.12 -rc1 Linux kernel 2.6.12 Linux kernel 2.6.12 Linux kernel 2.6.11 .8 Linux kernel 2.6.11 .7 Linux kernel 2.6.11 .6 Linux kernel 2.6.11 .5 Linux kernel 2.6.11 .4 Linux kernel 2.6.11 .12 Linux kernel 2.6.11 .11 Linux kernel 2.6.11 -rc4 Linux kernel 2.6.11 -rc3 Linux kernel 2.6.11 -rc2 Linux kernel 2.6.11 Linux kernel 2.6.11 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.10 rc2 Linux kernel 2.6.10 + RedHat Fedora Core3 + RedHat Fedora Core2 + Trustix Secure Linux 3.0 + Ubuntu Ubuntu Linux 5.0 4 powerpc + Ubuntu Ubuntu Linux 5.0 4 i386 + Ubuntu Ubuntu Linux 5.0 4 amd64 Linux kernel 2.6.10 Linux kernel 2.6.9 Linux kernel 2.6.25.4 Linux kernel 2.6.25.3 Linux kernel 2.6.25.2 Linux kernel 2.6.25.1 Linux kernel 2.6.24.6 Linux kernel 2.6.24-rc2 Linux kernel 2.6.24-rc1 Linux kernel 2.6.23.14 Linux kernel 2.6.23.10 Linux kernel 2.6.23.1 Linux kernel 2.6.23.09 Linux kernel 2.6.22-rc7 Linux kernel 2.6.22-rc1 Linux kernel 2.6.21-RC6 Linux kernel 2.6.21-RC5 Linux kernel 2.6.21-RC4 Linux kernel 2.6.21-RC3 Linux kernel 2.6.21-RC3 Linux kernel 2.6.20.3 Linux kernel 2.6.20.2 Linux kernel 2.6.20.13 Linux kernel 2.6.20.11 Linux kernel 2.6.20.1 Linux kernel 2.6.20-rc2 Linux kernel 2.6.20-2 Linux kernel 2.6.18-8.1.8.el5 Linux kernel 2.6.18-53 Linux kernel 2.6.18 Linux kernel 2.6.15.5 Linux kernel 2.6.15.11 Linux kernel 2.6.15-27.48 Linux kernel 2.6.11.4 可参考如下补丁： Linux kernel 2.6.25.3 Linux [PATCH] fix zap_thread's ptrace related problems <a href=http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a= target=_blank>http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=</a> commit;h=5ecfbae093f0c37311e89b29bfc0c9d586eace87 Linux Fix ptrace_attach()/ptrace_traceme()/de_thread() race <a href=http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a= target=_blank>http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=</a> commit;h=f5b40e363ad6041a96e3da32281d8faa191597b9 Linux ptrace_attach: fix possible deadlock schenario with irqs <a href=http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a= target=_blank>http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=</a> commit;h=f358166a9405e4f1d8e50d8f415c26d95505b6de Linux kernel 2.6.25.2 Linux [PATCH] fix zap_thread's ptrace related problems <a href=http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a= target=_blank>http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=</a> commit;h=5ecfbae093f0c37311e89b29bfc0c9d586eace87 Linux Fix ptrace_attach()/ptrace_traceme()/de_thread() race <a href=http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a= target=_blank>http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=</a> commit;h=f5b40e363ad6041a96e3da32281d8faa191597b9 Linux ptrace_attach: fix possible deadlock schenario with irqs <a href=http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a= target=_blank>http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=</a> commit;h=f358166a9405e4f1d8e50d8f415c26d95505b6de Linux kernel 2.6.25 .5 Linux [PATCH] fix zap_thread's ptrace related problems <a href=http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a= target=_blank>http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=</a> commit;h=5ecfbae093f0c37311e89b29bfc0c9d586eace87 Linux Fix ptrace_attach()/ptrace_traceme()/de_thread() race <a href=http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a= target=_blank>http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=</a> commit;h=f5b40e363ad6041a96e3da32281d8faa191597b9 Linux ptrace_attach: fix possible deadlock schenario with irqs <a href=http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a= target=_blank>http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=</a> commit;h=f358166a9405e4f1d8e50d8f415c26d95505b6de